SPACInsider contributors Anthony Sozzi and Sam Beattie this week compiled their three favorite potential SPAC targets among the emerging DevOps technology space. We look at why they are compelling and why each could be a fit for a blank-check merger.
SPACs have boosted the infrastructure of the future in a number of meaningful ways since the boom began in mid-2020. SPAC deals have since funded electric vehicle (EV) charging stations, vertical farms and the rocketry companies that are becoming the new highway to Earth’s orbit.
The asset class has also been active in the internet spheres, targeting ecommerce, e-gaming and two-way marketplaces across a variety of consumer sectors. But there is an infrastructure that undergirds these businesses as well – DevOps. This is an acronym for the umbrella of companies that combine software development with the operations of IT systems.
Companies specializing in DevOps believe they can shorten software development cycles while delivering more secure structures. Given the extremely high level of competition among internet-based enterprises to stay ahead, DevOps services have seen skyrocketing demand and matching levels of investment.
Venture Capital firms invested $7.5 billion in DevOps and Cloudtech firms in the first half of 2021 beating out the $6.2 billion the sector raised in all of 2019, according to PitchBook. VC exits are following at a similar pace with 19 in the first half of 2021 after 28 in all of 2020 and 22 in 2019.
But SPACs could play an important role in this sector in another way – they may be the only way for a DevOps startup to remain independent over the long-term. Pressure to consolidate among this particular part of the tech stack is high and many early seed and venture-stage backers in the space are the largest strategic players around – Amazon (NASDAQ:AMZN), Google (NASDAQ:GOOGL) and Microsoft (NASDAQ:MSFT).
As such, VC exits via sales to strategic players far outpaced private equity buyouts or IPOs in the space in every year since 2015. That changed somewhat to start this year. The total value of exits in DevOps surged from consistently below $12 billion per year to over $50 billion in the first half of 2021 primarily due to the IPOs of two prominent independents – UiPath (NYSE:PATH) and Confluent (NASDAQ:CFLT) – which made up $36 billion of this figure.
The next largest deal in the space followed the more familiar model with Turbonomic selling to IBM (NYSE:IBM) for $1.8 billion in April. UiPath and Confluent had grown to stocky super-unicorns in their own right. But, SPACs could provide a path to fruitful independence for the next rung of DevOps players valued around or above $1 billion that would normally be tucked into a major.
Many of the enterprises in this space are building along and within open-source infrastructure that has been put in place long-time titans of the internet. Among these is Kubernetes, a data container-orchestration system that was originally designed by Google to manage and scale app deployment. Prometheus is another.
Sysdig provides a platform for secure development within Kubernetes, Prometheus and other methods that leaves built-in tools. These, among other things, automatically scan images that interact with a site without bringing in potentially harmful code. It also has solutions that forensically analyze data breaches. Sysdig structures also ensure that developers are setting up cloud-based sites that remain in continuous compliance with the various data-regulation authorities.
Founded in 2013, Sysdig has raised $394 million to date on its way to a $1.2 billion valuation as of its Series F in April. The majors have already been busy acquiring in this specific vertical with IBM’s Red Hat acquiring Kubernetes-based platform StackRox in February, while Rapid7 bought StackBox peer Alcide the same month.
The uniqueness that the container system brings in the Kubernetes network has led much of the space to believe that a this particular slice of the market is set up to foster one or several cybersecurity players of its own like CrowdStrike (NASDAQ:CRWD) or SentinelOne (NYSE:S). Sysdig could also be on that path and might get there faster through a SPAC.
But, there are large players that have advanced DevOps tools that are not reliant on the Kubernetes platform itself. Docker has long operated solutions for developing applications within containers and has a parallel system of orchestrating those containers.
In fact, Kubernetes recently dropped support for Docker on its own platform, but developers continue to use both separately even if not in conjunction. As such, Docker makes even more sense as an independent alternative to the ecosystem that is growing around Kubernetes, but could potentially use more capital to solidify that position.
Earlier on, it made a series of investments to roll up smaller peers, acquiring nine businesses between 2011 and 2016. SPAC cash and public market-flexibility could get it back on the M&A horse.
The open-source world is also typically a cash-free environment, but Docker has begun charging users $7 to $21 per month based on the size of the client, but it still has a free option for small scale operations. This could signal that Docker is interested in shifting into a sustainable commercial model, rather than taking the VC-to-acquisition trail that many of its peers have traveled.
Private equity has played a relatively smaller role in the DevOps funding process as compared to other verticals, but it nonetheless has potentially provided its own vital stepping stone for those transitioning from startup to maturity.
In the case of Israel-based CheckMarx, the company has grown to serve about 1,600 customers in 70 countries including about half of the Fortune 50 in securing apps and other web products. Much of this work has come since being bought out by Hellman & Friedman and TPG Capital for $1.15 billion in April 2020.
Moving to the next stage now would be a bit of a quick turnaround for the normal PE timetable, but not an unwelcome one if the market returns are there. Its backer TPG Capital would have a firm sense of when a SPAC transaction might make sense with given its own four vehicles in the market, two of which have announced transactions, while another, TPG Pace Beneficial II (NYSE:YTPG) remains in the seeking column and TPG Pace Tech Opportunities II (NYSE:TPGT) waits to list.
CheckMarx’s earlier investors included Salesforce (NYSE:CRM), and the company has become a tool frequently used in concert with other solutions as a testing, scanning and code-training platform. While it has open-source options, it also develops bespoke systems to ensure security for the financial services industry and public sector with clients including the US Department of Defense, several military branches and the Department of Energy.
Existing cybersecurity majors SentinelOne and Crowdstrike currently trade at 121x and 50x current revenue, respectively, giving SPACs plenty of room to set prices with headroom and earnout upside for sellers. The current market has shrunk some leeway for transactions, but the less-tested DevOps space could be one where value is there for the taking on all sides.